Program released via CyberWyoming, free of charge to WYO Small Business.
The Cyber Readiness Program is designed for small businesses that don’t have on-staff technology help. Offered by the Cyber Readiness Institute and distributed by CyberWyoming, the program’s mission is to advance cyber readiness and secure global value chains.
“The Cyber Readiness program focuses on four key issues that when addressed, will drive a higher level of cybersecurity for small and medium-sized businesses,” said Pamela Passman CEO of CREATe.org, a co-founder of the Cyber Readiness Institute. “It is free and contains practical tools and resources in a format that is easy to understand and deploy.”
The approach focuses on preventative measures, creating a cyber aware organizational culture within the office, reducing cyber risks in practical ways, and implementing a self-guided program driven by an internal cyber leader. The content of the program focuses on four key cybersecurity areas that small businesses don’t necessarily need a technology professional to help with: authentication and passwords, software updates, email phishing, and removable media like USBs. It includes training materials, policy templates, inner-office communication tools to remind staff of safe practices, a cloud decision-making
tool, metrics to measure the progress, and step-by-step program roll out guidance.
“You don’t have to be technical to be a cyber leader in your office,” said Laura Baker Executive Director of CyberWyoming, “You just need to be enthusiastic and creative.” There are 5 simple steps in the program: 1. Get Started, 2. Assess & Prioritize, 3. Agree & Commit, 4. Roll Out, 5. Measure Success. “There is no need for a business leader to learn the language of technology with these tools,” said Baker, “It is all business-speak.”
HiViz Shooting Systems of Laramie was part of the Cyber Readiness Program’s beta test through a connection with Microsoft TechSpark, Wyoming Manufacturing Works, and CyberWyoming. Nineteen companies in the US and around the world participated in the beta test and HiViz Shooting Systems was the only Wyoming company in the study. The Cyber Readiness Institute was looking for a smaller manufacturer in a rural setting to test the tool and HiViz stepped up to the challenge.
HiViz’s Human Resources Coordinator, Mandy Davis, was the chosen cyber leader for the organization throughout the beta test. Davis described the process as ‘extremely practical’ and ‘very straightforward’, focused on ‘simple things that anyone can do’, with ‘user friendly tools and templates’.
“The program asks questions to make sure you are where you should be,” said Davis. Davis continued that she was ‘thrown into’ the program as the cyber leader, but it just made sense because HR is a great place for cybersecurity to be. “Like HR, cybersecurity is about people and processes,” said Davis. Davis stated that other companies should definitely take advantage of the free tools and templates because they are user friendly, simple, and break down cyber risk processes in an easy to understand manner. “You absolutely don’t have to be technical to be a cyber leader in the office with this [program]. Being a cyber leader is just understanding your people and processes and being somebody your staff can go to,” said Davis.
“The whole thing we have been after [at Manufacturing Works] is showing each person, each layperson that isn’t technical, that they can manage their cyber risks with a little bit of support,” said Gustave Anderson, Project Manager for Wyoming Manufacturing Works “I would say that I have seen business leaders grow in processes like this. I am excited to see this program more available to more Wyoming businesses.”
The program primarily focuses on creating a cyber leader to start company efforts in policy writing, staff training, staff awareness, and planning. No data is collected about the business except what is received in the sign up process. All tools, templates, and guidance are designed to be downloaded and kept local to the business. No information about the company’s vulnerabilities is collected online and the program is not designed to be a risk assessment tool.
To get information about the Cyber Readiness Program or access to the toolkit, contact firstname.lastname@example.org.